styling-expert
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill defines a 'Memory Protocol' in SKILL.md that instructs the agent to execute 'cat .claude/context/memory/learnings.md' using the Bash tool to manage persistent learnings across interactions.
- [EXTERNAL_DOWNLOADS]: Research guidelines in references/research-requirements.md specify the use of external tools like Exa and WebFetch to gather styling best practices from web sources.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by ingesting web content into a context with significant tool access. Ingestion points: External documentation fetched via search tools (Exa) and web readers (WebFetch). Boundary markers: No explicit markers or instructions to ignore embedded commands are defined for fetched content. Capability inventory: The skill provides access to Bash, Write, Edit, Grep, and Glob tools. Sanitization: No data validation or sanitization logic is specified for the results of external research.
Audit Metadata